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Response to Arguments 

1 . This communication is in response to applicant's amendment received on June 
30, 2005. 

2. Amendments to claims 1, 12, 19, 24, 25, 27 and 32 are acknowledged. 

3. Applicant's arguments, see pages 14-16 of Remarks, filed June 30, 2005, with 
respect to the rejection(s) of claims 1, 12, 19, 24 and 32 under 35 USC § 702 and 35 
use 103(a) have been fully considered and are persuasive. Therefore, the rejection 
has been withdrawn. However, upon further consideration, a new ground(s) of rejection 
is made in view of the amended claims as follows. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 



Claims 1-31 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Aura (6,711,400 B1) in view of Raith (5,241,598). 
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Aura discloses an authentication method for a telecommunication system that a 
mobile subscriber is authenticated to both visiting and home networks and vice versa 
(see, for example, abstract), i.e., the authenticity of the subscriber's identity is verified 
by the networks and the subscriber checks the authenticity of the networks' identities. 

Raith discloses system for controlling the resetting of a rolling key used in the 
validation of a mobile station and a serving radio network (see, for example, abstract 
and col. 7, lines 49-55). 

Claims 1 and 19 

Aura discloses: 

storing a key at the service network (see, for example, col. 3, lines 1-4; col. 7, 
lines 7-12, where the visited network VPLMN corresponds to the recited service 
network); 

transmitting information to the station from the service network that enables the 
station to compute the key stored at the service network (see, for example, col. 7, lines 
13-25); 

receiving a request for service at the service network from the station (see, for 
example, col. 6, lines 16-21); 

transmitting information to the station that forms a part of a verification 
computation enabling the station to authenticate the service network (col. 7, lines 13-25, 
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where Ki forms a part of information in the computations used by algorithms HI , H2, 
and H3 that are used by the mobile subscriber to authenticate the visited network.) 

determining at the home environment network a cryptographic primitive offered to 
the home environment by the service network (col. 2, lines 15-18, where the algorithms 
that are used in the process of authentication are located in both authentication center 
of the visited network that corresponds to the recited service network and in the 
subscriber unit that corresponds to the home environment; col. 2, lines 26-36 where the 
hash functions are provided to a subscriber by a center that corresponds to the recited 
service network; Fig. 4, where the MS uses the same hash functions that are used in 
the authentication center of the visited network in order to compute responses for the 
visited network; see also col. 4, lines 9-55); and 

based on the determined cryptographic primitive, transmitting to the service 
network at least one vector of authentication information corresponding to a particular 
station (see, for example, Fig. 4, where MS transmits the vector SRES2 to the visited 
network that is used in the authentication process). 

Aura, however, does not expressly disclose: 

adjusting a verification value at each usage of the key; and 

transmitting, from the service network to the station, information corresponding to 
the verification value. 

Raith discloses the use of a counter in association with the usage of an 
encryption key by a mobile station (see, for example, col. 8, lines 54-67; col. 21, line 22- 
col. 22, line 37, where incrementing the counter each time the rolling key is updated is 
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functionally equivalent to the adjusting a verification value at each usage of the key). 
Raith further discloses "transmitting, from the service network to the station, information 
corresponding to the verification value that forms a part of a verification computation 
enabling the station to authenticate the service network." (see, for example, col. 18, 
lines 55-67; col. 19, lines 16-40; col. 23, lines 27-47, where RESPBIS that is 
corresponding to the counter which being incremented in both mobile station and the 
visited network transmitted to the mobile station from the visited network and it is used 
by the mobile station to authenticate the visited network). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to deploy a counter associated to a key usage as taught in Raith in 
the method of Aura because it would provide a means for preventing fraudulent use of a 
mobile station (Raith, col. 19, lines 7-14) and to enhance security of communication 
between a mobile station and a visited network (col. 6, lines 57-67). 

Claim 2 

Aura discloses: 

receiving a vector of authentication information from the home environment 
network of the station, the vector including an indication of the vector's position in a 
sequence of vectors (see, for example, Fig. 4, where RAND2, SRES1, SRES2* and Kc 
are the vector of authentication information received by the visited network from the 
home network and these information are based on Ki which represents the encryption 
key for the ith mobile station that corresponds to the ith position of a vector in the 
sequence a Ts values of vector information); and 
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transmitting information to the station that enables the station to compute the key 
stored at the service network comprises transmitting portions of the received vector of 
authentication information (see, for example, Fig. 4, where RAND2 and SRES1 are a 
portion of the received vector of authentication information and transmitted to the ith 
mobile station to calculate Kc stored also in the visited network). 

Claim 3 

Aura discloses: 

the received vector of authentication information comprises the key stored by the 
service network (see, for example, Fig. 4, where the key Kc is received and stored by 
the visited network). 

Claim 4 

Aura discloses: 

computing at the service network the key stored by the service network based on 
information included in the received vector (see, for example. Fig. 3, where the key DKC 
is computed at the visiting network using DCK 1 and DCK2 that in turn are calculated 
using the information KS and KS' received from the home network, i.e., the vector). 

Claim 5 

Raith discloses: 
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adjusting a verification value comprises incrementing a sequence number 
corresponding to a number of times the key has been used (see, for example, col. 5, 
lines 9-1 3; col. 8, lines 55-67; col. 22, lines 5-1 1 ; col. 37, lines 42-52). 

Claim 6 

Raith discloses: 

the verification value comprises a TSQN (Temporary Sequence Number) (see, 
for example, col. 8, lines 54-67; col. 17, lines 27-34; col. 18, lines 5-10, the fact that the 
rolling key is a temporary key, thus its associated verification value is temporary). 

Claim 7 

Aura discloses: 

the station comprises a cellular phone; and 

the service network and home environment networks comprise cellular networks 
(see, for example, col. 1, line49-col. 2, line 3 and Fig. 1). 

Claim 8 

Aura discloses: 

using the key to compute a cipher key for encrypting communication between the 
service network and the station (see, for example, Fig. 3, where the key DCK is 
calculated for encrypting communication between the visited network and the mobile 
station at stages 327 and 315). 
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Claim 9 

Aura discloses: 

. negotiating use of a cryptographic primitive between the service network and the 
home environment network (see, for example, Fig. 3, where the home network at stage 
302 uses the primitive TA1 1 for calculation of KS and the service network BS uses 
primitive TA12 at stage 312 to calculate DCK1 which also calculated by MS at stage 
323 using TA12. The calculation of DCK1 at MS is dependent upon the value KS. This 
implies that the home network is aware of the primitives used at the BS and based on 
this knowledge the home network transmits the required authentication vector to the 
visiting network to be used by a specific primitive which corresponds to the recited 
negotiating use of a cryptographic primitive...). 
Claim 10 

Aura discloses: 

transmitting a challenge to the station (see, for example, Fig. 4, where the 
challenge RAND2 at stage 406 is sent to the MS); 

receiving a challenge response from the station (see, for example, Fig. 4, where 
the SRES2 at stage 409 is received); and 

comparing the received challenge response with an expected response (see, for 
example, Fig. 4, stage 409). 



Claim 11 

Aura discloses: 
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computing the key stored by the service network at the station (see, for example, 
Fig. 4, stage 407, the key Kc is calculated and also stored at the VPLMN). 
Aura, however, does not expressly disclose: 

receiving the information indicating the value corresponding to key usage at the 
station; and 

comparing the received value with a value corresponding to key usage 
maintained by the station. 

Raith discloses the use of a counter in association with the usage of an 
encryption key by a mobile station (see, for example, col. 8, lines 54-67; col. 21, line 22- 
col. 22, line 37, where incrementing the counter each time the rolling key is updated is 
functionally equivalent to the adjusting a verification value at each usage of the key). 
Raith further discloses "transmitting, from the service network to the station, information 
corresponding to the verification value that forms a part of a verification computation 
enabling the station to authenticate the service network." (see, for example, col. 18, 
lines 55-67; col. 19, lines 16-40; col. 23, lines 27-47, where RESPBIS that is 
corresponding to the counter which being incremented in both mobile station and the 
visited network transmitted to the mobile station from the visited network and it is used 
by the mobile station to authenticate the visited network). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to deploy a counter associated to a key usage as taught in Raith in 
the method of Aura because it would provide a means for preventing fraudulent use of a 
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mobile station (Raith, col. 19, lines 7-14) and to enhance security of communication 
between a mobile station and a visited network (Raith, col. 6, lines 57-67). 

Claim 12 

Aura discloses: 

A method for use in authenticating a service network to a station, the station 
having a home environment network, the method comprising: 

receiving information at the station from the service network (see, for example. 
Fig. 4, RAND2 and SRES1 at stage 407; col. 7, lines 13-46); 

computing a key based on the information received at the station from the 
service network, the computed key also being stored by the service network (see, for 
example, Fig. 4, Kc at stages 407 and 405; col. 7, lines 9-46); 

Aura, however, does not expressly disclose: 

maintaining an indicator of key usage at the station; 

receiving at the station an indicator of key usage maintained by the service 
network; and 

comparing the key usage indicator maintained by the service network with the 
key usage indicator maintained by the station. 

Raith discloses the use of a counter in association with the usage of an 
encryption key by a mobile station (see, for example, col. 8, lines 54-67; col. 21, line 22- 
col. 22, line 37, where incrementing the counter each time the rolling key is updated is 
functionally equivalent to the adjusting a verification value at each usage of the key). 
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Raith further discloses "transmitting, from the service network to the station, information 
corresponding to the verification value that forms a part of a verification computation 
enabling the station to authenticate the service network." (see, for example, col. 18, 
lines 55-67; col. 19, lines 16-40; col. 23, lines 27-47, where RESPBIS that is 
corresponding to the counter which being incremented in both mobile station and the 
visited network transmitted to the mobile station from the visited network and it is used 
by the mobile station to authenticate the visited network). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to deploy a counter associated to a key usage as taught in Raith in 
the method of Aura because it would provide a means for preventing fraudulent use of a 
mobile station (Raith, col. 19, lines 7-14) and to enhance security of communication 
between a mobile station and a visited network (col. 6, lines 57-67). 

Claim 13 

Aura discloses: 

maintaining an authentication vector sequence number at the station (see, for 
example, col. 8, line 65-col. 9, line 2); 

receiving at the station from the service network an indication of an 
authentication vector sequence number maintained by the home environment network 
(see, for example, Fig. 4, where SRES1 is received by the MS from VPLMN at stage 
407 which is kept at HLR/AUC; and 
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comparing the authentication vector sequence number maintained by the home 
environment network with the received authentication vector sequence number 
maintained by the station (see, for example, Fig. 4, where SRES1 maintained by the 
home network is compared with SRES1' maintained by the MS at stage 408). 

Claim 14 

Aura discloses: 

receiving from the service network identification of a cryptographic primitive (see, 
for example. Fig. 4, where RAND2 received by MS at stage 407 which is generated by 
the home network using a hash function at stage 404). 

Claim 15 

Aura discloses: 

the station comprises a cellular phone; and 

the service network and home environment networks comprise cellular networks 
(see, for example, col. 1, line 49-col. 2, line 3 and Fig. 1). 

Claim 16 

Aura discloses: 

using the key to compute a cipher key for encrypting communication between the 
service network and the station (see, for example, Fig. 3, where the key DCK is 
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calculated for encrypting communication between the visited network and the mobile 
station at stages 327 and 315). 

Claim 17 

Aura discloses: 

receiving a challenge from the service network (see, for example, Fig. 4, where 
the challenge RAND2 at stage 407 is received by MS); 

determining a challenge response (see, for example, Fig. 4, where at stage 407 
SRES2 is computed); and 

transmitting the challenge response to the service network (see, for example. 
Fig. 4, where SRES2 is transmitted to VPLMN at stage 409). 

Claim 18 

Raith discloses the use of a counter in association with the usage of an 
encryption key by a mobile station (see, for example, col. 8, lines 54-67; col. 21, line 22- 
col. 22, line 37). 

Claim 20 

Aura discloses: 

receiving identification of the cryptographic primitive from the service network 
(see, for example, Fig. 4, where RAND2 received by MS at stage 407 which is 
generated by the home network using a hash function at stage 404). 
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Claim 21 

Aura discloses: 

identification comprises a value of a MODE field (see, for example, Fig. 4, where 
SRES1 which is the product of a hash value that represents a value corresponding to 
the recited MODE field). 
Claim 22 

Aura discloses: 

the vector authentication information comprises an indication of an authentication 
vector sequence number maintained by the home environment network, (see, for 
example, Fig. 4, where RAND2, SRES1, SRES2* and Kc are the vector of 
authentication information received by the visited network from the home network and 
these information are based on Ki which represents the encryption key for the ith mobile 
station that corresponds to the ith position of a vector in the sequence a I's values of 
vector information) 

Claim 23 

Aura discloses: 

The vector of authentication information comprises a challenge and an expected 
response (see, for example, Fig. 4, where the challenge RAND2 at stage 407 is 
received by MS and the SRES2 is the expected response). 
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Claim 24 

This claim is rejected as applied to the like elements of the claim 1 as stated 
above and further the following: 

Aura discloses that a cryptographic key is computed each time a MS is 
establishing communication with a visited network (Fig. 4, where the Kc is calculated by 
both MS and the AUG of the visited network). 

Aura, however does not expressly disclose: 

storing different sets of cryptographic information for the different respective 
service networks; 

selecting one of the sets of cryptographic information for one of the service 
networks; and 

using the one selected set of cryptographic information to communicate with the 
one service network. 
Raith discloses: 

storing different sets of cryptographic information for the different respective 
service networks (see, for example, col. 16, lines 2-20; col. 17, lines 10-21; col. 19, lines 
15-40); 

selecting one of the sets of cryptographic information for one of the service 
networks; and 

using the one selected set of cryptographic information to communicate with the 
one of the service network to authenticate the one of the service networks to the station 
(see, for example, col. 18, lines 49-67). 
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Raith further discloses the use of a counter in association with the usage of an 
encryption key by a mobile station (see, for example, col. 8, lines 54-67; col. 21, line 22- 
col. 22, line 37, where incrementing the counter each time the rolling key is updated is 
functionally equivalent to the adjusting a verification value at each usage of the key). 
Raith also discloses "transmitting, from the service network to the station, information 
corresponding to the verification value that forms a part of a verification computation 
enabling the station to authenticate the service network." (see, for example, col. 18, 
lines 55-67; col. 19, lines 16-40; col. 23, lines 27-47, where RESPBIS that is 
corresponding to the counter which being incremented in both mobile station and the 
visited network transmitted to the mobile station from the visited network and it is used 
by the mobile station to authenticate the visited network). 

It would have been obvious to a person of ordinary skill in the art at the 
time the invention was made to deploy a counter associated to a key usage as taught in 
Raith in the method of Aura because it would provide a means for preventing fraudulent 
use of a mobile station (Raith, col. 19, lines 7-14) and to enhance security of 
communication between a mobile station and a visited network (col. 6, lines 57-67). 

Claim 25 

Aura discloses: 

the sets of cryptographic information comprise a key shared by the station and 
the service network (see, for example. Fig. 3, where the cryptographic key DCK is used 
by both MS and the visiting network for communicating with each other). 
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Claim 26 

Aura discloses: 

computing the key shared by the station and the service network based on 
information received from the service network (see, for example, Fig. 3, where at stage 
327 the cryptographic key DCK is computed based on the DCK1 and DCK2 that are in 
turn computed based on KS and KS'. The KS and KS' are calculated based on RS 
received from the service network. Thus, DCK is based on the RS). 

Claim 27 

Raith discloses the use of a counter in association with the usage of an 
encryption key by a mobile station (see, for example, col. 5, lines 9-13; col. 8, lines 55- 
67; col. 22, lines 5-11; col. 37, lines 42-52). 

Claim 28 

Raith discloses the use of a counter in association with the usage of an 
encryption key by each mobile station and visiting network) (see, for example, abstract; 
col. 7, lines 15-25). 

Claim 29 

Raith discloses the use of counters in association with the usage of encryption 
keys by both mobile station and service network. When the counters reach a certain 
value (corresponding to the recited comparing the indicator of the service network with 
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the indicator of the mobile station) the rolling key is updated (see, for example, col. 5, 
lines 9-13; col. 8, lines 55-67; col. 22, lines 5-11; col. 37, lines 42-52). 

Claim 30 

Aura discloses: 

using the selected set of cryptographic information comprises using the selected 
set cryptographic information to authenticate the service network (see, for example, Fig. 
4, where the cryptographic key Ki is selected by the MS to calculate SRES1' in order to 
authenticate the visiting network at stage 408). 
Claim 31 

Aura discloses: 

using the selected set cryptographic information comprises using the selected set 
of cryptographic information in encrypting communication between the station and the 
service network (see, for example. Fig. 4, where the cryptographic key Kc is selected for 
encrypting communication between the station and the service network). 

Claim 32 Is rejected under 35 U.S.C. 103(a) as being unpatentable over Aura 
(6,711,400 B1) In view of Raith (5,241,598) and further In view of Maupin (6,600,917 
B1). 

Claim 32 

This claim is rejected as applied to the like elements of claim 1 as stated above 
and further the following: 
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Aura in view of Raith discloses: 

determining whether the home environment and the service network share a 
cryptographic primitive offered by the service network (col. 2, lines 15-18, where the 
algorithms that are used in the process of authentication are located in both 
authentication center that corresponds to the recited service network and in the 
subscriber unit that corresponds to the home environment; col. 2, lines 26-36 where the 
hash functions are provided to a subscriber by a center that corresponds to the recited 
service network; Fig. 4, where the MS uses the same hash functions that are used in 
the authentication center of the visited network in order to compute responses for the 
visited network; see also col. 4, lines 9-55); 

computing a shared secret key (SSK) (see, for example, Fig. 4, where the 
cryptographic key Kc is computed at the visited network's AUG); 

transmitting information from the service network to the station that enables the 
station to compute the SSK (see, for example, Fig. 4, where RAND2 and SRES1 are 
transmitted to the MS by the visited network to calculate shared Kc). 

Aura in view of Raith, however, does not expressly disclose that if it is 
determined that the home and visited networks do not share a cryptographic primitive, 
the 3GPP AKA is used for authentication operation between the mobile station and the 
visiting network. 

Maupin teaches a telecommunication system that a base station (corresponding 
to the recited service network) transmits a message to inform mobile units of the type of 
services supported by the base station (see, for example, abstract; col. 2, line 64-col. 3, 
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line 12). Maupin further discloses that based on the message that is received from the 
base station a mobile unit decides on the use of an available technology such as third 
generation technology corresponding to the 3GPP AKA, which is capable of using it for 
communication with a base station (see, for example, col. 1, line 64-col. 2, line 11; col. 
2; lines 21-38; col. 2; line 64-col. 3, lines 12; col. 3, lines 21-47). This process 
corresponds to the recited determining whether to use a 3 GPP AKA technology or a 
shared cryptographic primitive between a home network and a service network, 
because a mobile unit only capable of using a technology that its home environment 
network uses. 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to implement the process of determining to use a 3GPP AKA 
technology or a shared cryptographic primitive as taught in Maupin in the system of 
Aura in view of Raith, because it would enable the mobile unites to quickly determine 
what type of technology is available to them (col. 2, lines 57-61). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Abdulhakim Nobahar whose telephone number is 571- 
272-3808. The examiner can normally be reached on M-T 8-6. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

Abdulhakim Nobahar 
Examiner /j /y\ 
Art Unit 2132 A^ ' ' 

September 16, 2005 
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